Enabling network intrusion prevention or browser intrusion prevention
Intrusion prevention is enabled by default. Typically, you should not disable either type of intrusion prevention.
You can enable a log-only mode for browser intrusion prevention to record what traffic it blocks without affecting the client user. You can then use the
Network and Host Exploit Mitigationattack logs in
Symantec Endpoint Protection Managerto create exceptions in the
Intrusion Preventionpolicy to ignore specific browser signatures. You would then disable log-only mode.
To configure these settings in mixed control, you must also enable these settings in the
Client User Interface Mixed Control Settingsdialog box.
- To enable network intrusion prevention or browser intrusion prevention
- In the console, open an Intrusion Prevention policy.
- On the policy page, clickIntrusion Prevention.
- Make sure the following options are checked:
- Enable Network Intrusion PreventionYou can also exclude particular computers from network intrusion prevention. See:
- Enable Browser Intrusion Prevention for Windows